Re: Connecting to DC in wrong site
From: ptwilliams (ptw2001_at_hotmail.com)
Date: 11/22/04
- Next message: ptwilliams: "Re: Connecting to DC in wrong site"
- Previous message: S.J.Haribabu: "RE: SQL Server & AD in Windows Server 2003"
- In reply to: Jeff: "Re: Connecting to DC in wrong site"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 22 Nov 2004 21:03:15 -0000
That error, if persistent, means the netlogon secure channel is out-of-sync
(or non-existent).
Run nltest /sc_query:domainName on this machine, and see what the outcome
is. If it fails, or gives and error try resetting it: nltest
/sc_reset:domainName.com
-- Paul Williams http://www.msresource.net http://forums.msresource.net "Jeff" <jeffpoling@yahoo.com> wrote in message news:OlzlJNazEHA.1564@TK2MSFTNGP09.phx.gbl... We get this kind of error on the DC system log: Event Type: Error Event Source: NETLOGON Event Category: None Event ID: 5723 Date: 11/18/2004 Time: 10:28:25 AM User: N/A Computer: AD Description: The session setup from computer 'CR02-EMBT30' failed because the security database does not contain a trust account 'CR02-EMBT30$' referenced by the specified computer. USER ACTION If this is the first occurrence of this event for the specified computer and account, this may be a transient issue that doesn't require any action at this time. Otherwise, the following steps may be taken to resolve this problem: If 'CR02-EMBT30$' is a legitimate machine account for the computer 'CR02-EMBT30', then 'CR02-EMBT30' should be rejoined to the domain. If 'CR02-EMBT30$' is a legitimate interdomain trust account, then the trust should be recreated. Otherwise, assuming that 'CR02-EMBT30$' is not a legitimate account, the following action should be taken on 'CR02-EMBT30': If 'CR02-EMBT30' is a Domain Controller, then the trust associated with 'CR02-EMBT30$' should be deleted. If 'CR02-EMBT30' is not a Domain Controller, it should be disjoined from the domain. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 8b 01 00 c0 <..À "Tim Kalligonis" <tkalligonis@comcast.net> wrote in message news:OqWGPtZzEHA.1860@TK2MSFTNGP15.phx.gbl... > No, I haven't figured anything out yet. Let me know if you do. > > What types of issues do you find with the computer account? > > > "Jeff" <jeffpoling@yahoo.com> wrote in message > news:%23vg5V0YzEHA.2200@TK2MSFTNGP09.phx.gbl... >> Tim, >> >> I am seeing this in our environment on occasion as well. We are running >> 2 W2k3 DCs at our main site. 4 Remote sites have W2K DCs and 1 remote >> site has a W2k3 DC. All the DCs are Global catalogs at the remote sites >> and our main site. >> >> Once in a while a Windows XP PC at our main site will authenticate >> against a remote site DC. Typically we'll see issues with the computer >> account when this happens. >> >> Have you been able to find a resolution? >> >> Thanks, >> >> Jeff >> "Tim Kalligonis" <tkalligonis@comcast.net> wrote in message >> news:u9ybv7OwEHA.1396@tk2msftngp13.phx.gbl... >>> We've been having an issue where random client machines connect to >>> Domain >>> Controllers outside of their site. >>> I've only see the issue in the site I am located in, there have not been >>> reports of this issue from other sites so I'm not sure if this occurs in >>> those other sites or not. >>> >>> I've checked the obvious - make sure all subnets that are suppose to be >>> associated to this site are defined in the site. Checked the remote >>> sites >>> were these clients are connecting to making sure that the subnet is not >>> also >>> defined somewhere else. >>> >>> Issue: Occasionally client will take a little longer than usual to log >>> into >>> their machine. If the %logonserver% is check it will show they were >>> authenticated to a domain controller outside of their site. It is >>> usually a >>> domain controller is one of three remote sites. We have a total of 26 >>> sites. Then when ADUC is opened it will also connect to this remote DC. >>> >>> Another interest piece of information is the fact that the site I am >>> seeing >>> this occur in has the most DCs in it, it has four DCs for this >>> particular >>> domain plus the FSMO roles reside on 2 of the 4 DCs in this site. >>> >>> I haven't been able to find and KB articles describing this problem. >>> Has >>> anyone experienced this problem or know of KB articles describing this >>> issue? >>> >>> Thanks, >>> Tim >>> >>> >> >> > >
- Next message: ptwilliams: "Re: Connecting to DC in wrong site"
- Previous message: S.J.Haribabu: "RE: SQL Server & AD in Windows Server 2003"
- In reply to: Jeff: "Re: Connecting to DC in wrong site"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
